Blog

Validating the security of your MikroTik routers network-wide

Recently, there has been a resurgence of attacks on MikroTik RouterOS devices (articles
here,
here
and here)
using multiple vulnerabilities that were fixed in April 2018 (release 6.42.1), but also falling
back to some older vulnerabilities.
These new attacks primarily use an exploit in Winbox (one of MikroTiks management interfaces),
to gain control of the router, and perform various malicious tasks.

In this article, we will use Unimus to check if any of your routers are compromised across your
whole network.
We will also look into how to use Unimus to both audit and fix potential security holes for old
and new MikroTik exploits alike.

Unimus 1.7.0 and Network Automation

Last week, we released Unimus 1.7.0.
The biggest part of this release was our new Network Automation / Mass Config Push feature.
This release marks a huge milestone for Unimus, and in this article, we would like to tell you
more about it!

This article will mostly focus on Network Automation, since this is the biggest, and the most interesting
feature in this release.

Network-wide MikroTik RouterOS upgrade with Unimus

Recently, MikroTik has had a series of painful vulnerabilities. More details can be found
here
and here.
But MikroTik is not alone in this. Cisco also recently had a bad ASA vulnerability
(info
here), and just last year Ubiquiti had a massive exploit which brought down many networks
around the world
(more details).

This article will focus on MikroTik - we will show you how you can do a network wide mass upgade
of RouterOS using Unimus, and the RouterOS Package Source feature.
What's even better, doing the entire upgrade process (including setup of Unimus and RouterOS
Package Source) can be done in under an hour.